pkg:maven/org.springframework/spring-expression
Type
maven
Namespace
org.springframework
Name
spring-expression
Known advisories, vulnerabilities and fixes for org.springframework/spring-expression package.
High
1
Moderate
3
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | < 5.2.20.RELEASE >= 5.3.0, < 5.3.17 |
CVE-2022-22950
|
MAVEN:GHSA-558X-2XJG-6232 | Allocation of Resources Without Limits or Throttling in Spring Framework | moderate |
2022-04-03T00:01:00
(2 years ago) |
|
Fixed | = 5.2.20.RELEASE = 5.3.17 |
CVE-2022-22950
|
MAVEN:GHSA-558X-2XJG-6232 | Allocation of Resources Without Limits or Throttling in Spring Framework | moderate |
2022-04-03T00:01:00
(2 years ago) |
|
Affected | < 5.2.23.RELEASE |
CVE-2023-20861
|
MAVEN:GHSA-564R-HJ7V-MCR5 | Spring Framework vulnerable to denial of service via specially crafted SpEL expression | moderate |
2023-03-23T21:30:19
(18 months ago) |
|
Fixed | = 5.2.23.RELEASE |
CVE-2023-20861
|
MAVEN:GHSA-564R-HJ7V-MCR5 | Spring Framework vulnerable to denial of service via specially crafted SpEL expression | moderate |
2023-03-23T21:30:19
(18 months ago) |
|
Affected | < 5.3.39 |
CVE-2024-38808
|
MAVEN:GHSA-9CMQ-M9J5-MVWW | Spring Framework vulnerable to Denial of Service | moderate |
2024-08-20T09:30:28
(3 weeks ago) |
|
Fixed | = 5.3.39 |
CVE-2024-38808
|
MAVEN:GHSA-9CMQ-M9J5-MVWW | Spring Framework vulnerable to Denial of Service | moderate |
2024-08-20T09:30:28
(3 weeks ago) |
|
Affected | < 5.2.24.RELEASE |
CVE-2023-20863
|
MAVEN:GHSA-WXQC-PXW9-G2P8 | Spring Framework vulnerable to denial of service | high |
2023-04-13T21:30:27
(17 months ago) |
|
Fixed | = 5.2.24.RELEASE |
CVE-2023-20863
|
MAVEN:GHSA-WXQC-PXW9-G2P8 | Spring Framework vulnerable to denial of service | high |
2023-04-13T21:30:27
(17 months ago) |